package com.example.ssrbac.controller;

import com.example.ssrbac.dto.PermissionDTO;
import com.example.ssrbac.service.PermissionService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.validation.Valid;

/**
 * 权限控制器
 * 
 * 该控制器负责处理权限管理相关的请求，包括：
 * 1. 创建权限
 * 2. 更新权限信息
 * 3. 删除权限
 * 4. 查询权限信息
 * 
 * @author Your Name
 * @version 1.0
 */
@RestController
@RequestMapping("/api/permissions")
public class PermissionController {
    private static final Logger logger = LoggerFactory.getLogger(PermissionController.class);

    /**
     * 权限服务，用于处理权限相关的业务逻辑
     */
    @Autowired
    private PermissionService permissionService;

    /**
     * 创建新权限
     * 需要PERMISSION_CREATE权限
     * 
     * @param permissionDTO 权限信息
     * @return 创建的权限信息
     */
    @PostMapping
    @PreAuthorize("hasAuthority('PERMISSION_CREATE')")
    public ResponseEntity<PermissionDTO> createPermission(@Valid @RequestBody PermissionDTO permissionDTO) {
        logger.info("Creating new permission with name: {}", permissionDTO.getName());
        PermissionDTO createdPermission = permissionService.createPermission(permissionDTO);
        logger.info("Permission created successfully with ID: {}", createdPermission.getId());
        return ResponseEntity.ok(createdPermission);
    }

    /**
     * 更新权限信息
     * 需要PERMISSION_UPDATE权限
     * 
     * @param id 权限ID
     * @param permissionDTO 更新的权限信息
     * @return 更新后的权限信息
     */
    @PutMapping("/{id}")
    @PreAuthorize("hasAuthority('PERMISSION_UPDATE')")
    public ResponseEntity<PermissionDTO> updatePermission(@PathVariable Long id, @Valid @RequestBody PermissionDTO permissionDTO) {
        logger.info("Updating permission with ID: {}", id);
        PermissionDTO updatedPermission = permissionService.updatePermission(id, permissionDTO);
        logger.info("Permission updated successfully: {}", id);
        return ResponseEntity.ok(updatedPermission);
    }

    /**
     * 删除权限
     * 需要PERMISSION_DELETE权限
     * 
     * @param id 权限ID
     * @return 空响应
     */
    @DeleteMapping("/{id}")
    @PreAuthorize("hasAuthority('PERMISSION_DELETE')")
    public ResponseEntity<Void> deletePermission(@PathVariable Long id) {
        logger.info("Deleting permission with ID: {}", id);
        permissionService.deletePermission(id);
        logger.info("Permission deleted successfully: {}", id);
        return ResponseEntity.ok().build();
    }

    /**
     * 根据ID查询权限
     * 需要PERMISSION_READ权限
     * 
     * @param id 权限ID
     * @return 权限信息
     */
    @GetMapping("/{id}")
    @PreAuthorize("hasAuthority('PERMISSION_READ')")
    public ResponseEntity<PermissionDTO> getPermissionById(@PathVariable Long id) {
        logger.debug("Fetching permission by ID: {}", id);
        PermissionDTO permission = permissionService.getPermissionById(id);
        logger.debug("Permission fetched successfully: {}", id);
        return ResponseEntity.ok(permission);
    }

    /**
     * 分页查询所有权限
     * 需要PERMISSION_READ权限
     * 
     * @param pageable 分页参数
     * @return 权限信息分页列表
     */
    @GetMapping
    @PreAuthorize("hasAuthority('PERMISSION_READ')")
    public ResponseEntity<Page<PermissionDTO>> getAllPermissions(Pageable pageable) {
        logger.debug("Fetching all permissions with pagination: {}", pageable);
        Page<PermissionDTO> permissions = permissionService.getAllPermissions(pageable);
        logger.debug("All permissions fetched successfully, total: {}", permissions.getTotalElements());
        return ResponseEntity.ok(permissions);
    }
} 